RULE(RULE ID:337832)

Rule General Information
Release Date: 2024-03-05
Rule Name: Yonyou GRP-U8 SQL Injection Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: Yonyou GRP-U8 administrative business financial management software is a new-generation product launched by Yonyou, focused on national e-government and based on cloud computing technology. Yonyou GRP-U8R10 U8Manager B, C, and G series products before 20230905 are vulnerable to SQL injection. The bx_historyDataCheck.jsp page does not effectively filter user input and concatenates parameter values directly into the SQL query statement, which results in an SQL injection vulnerability.
Impact: An attacker who successfully exploits the vulnerability can inject arbitrary SQL commands to view or change the target's database.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Refer to the vendor's announcement or patch: https://pan.yonyou.com/s/gUWlv8QkSsY